0ba95e9a1c922c573812f301a3461633

Sharing

Copy URL

Twitter E-mail

General

Target

0ba95e9a1c922c573812f301a3461633
Size

314KB
MD5

0ba95e9a1c922c573812f301a3461633
SHA1

4deea6534267c4738c707b6ad93231ac15b27343
SHA256

18c56fda9c5197905a632378f6ac44ed98e4b3b4de6dc007e3fdfae672bcf0d1
SHA512

6564af556d59127d22b0037102d138468a786a23121c4178fa4893d01a9a02dbaad202f5955a78e2c926422865c1ad5c5f0a996d7af12e402c8ea2e9caa22351
SSDEEP

6144:M63ntRpkGnB72H2IMcrCdwjC2OvEi6YjOPC+nyuyKTNWOuLd:Zb2dW7wbjCRvEi6YjOPC+/yKBWbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba95e9a1c922c573812f301a3461633

Files

0ba95e9a1c922c573812f301a3461633
.dll regsvr32 windows:4 windows x64 arch:x64

9fb39c597d0e7c3ff96e187e2befd945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualAlloc
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
malloc
realloc
strcmp
strlen
strncmp
vfprintf

Exports

Exports

DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
Getit

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fb39c597d0e7c3ff96e187e2befd945

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 300KB - Virtual size: 300KB

.rdata Size: 1KB - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 576B

.xdata Size: 512B - Virtual size: 400B

.bss Size: - Virtual size: 272B

.edata Size: 512B - Virtual size: 172B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 788B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 300KB - Virtual size: 300KB

.rdata
Size: 1KB - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 576B

.xdata
Size: 512B - Virtual size: 400B

.bss
Size: - Virtual size: 272B

.edata
Size: 512B - Virtual size: 172B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 788B